1. Manuals
  2. Brands
  3. HPE Manuals
  4. Switch
  5. FlexFabric 5940 SERIES
  6. Configuration manual

Configuration Prerequisites; Setting Up An Ovsdb Connection To A Controller; Configuration Restrictions And Guidelines; Configuring Active Ssl Connection Settings - HPE FlexFabric 5940 Series Configuration Manual

Vxlan
Hide thumbs Also See for FlexFabric 5940 Series:
Table of Contents

Advertisement

Tasks at a glance
(Required.)
(Required.)
(Optional.)
Enabling flood proxy on multicast VXLAN tunnels

Configuration prerequisites

Before you configure the VTEP as an OVSDB VTEP, enable L2VPN by using the l2vpn enable
command.
Before you set up SSL connections to controllers, you must configure SSL as described in Security
Configuration Guide.

Setting up an OVSDB connection to a controller

The OVSDB server supports the following types of OVSDB connections:
Active SSL connection—The OVSDB server initiates an SSL connection to the controller.
Passive SSL connection—The OVSDB server accepts the SSL connection from the
controller.
Active TCP connection—The OVSDB server initiates a TCP connection to the controller.
Passive TCP connection—The OVSDB server accepts the TCP connection from the
controller.

Configuration restrictions and guidelines

When you set up OVSDB connections, follow these restrictions and guidelines:
You can set up multiple OVSDB connections. For the device to establish the connections, you
must enable the OVSDB server. You must disable and then re-enable the OVSDB server if it
has been enabled.
You must specify the same PKI domain and CA certificate file for all active and passive SSL
connections.
Make sure you have configured the PKI domain before specify it for SSL. For more information
about configuring a PKI domain, see Security Configuration Guide.

Configuring active SSL connection settings

Step
1.
Enter system view.
2.
Specify a PKI domain
for SSL.
3.
(Optional.) Specify a CA
certificate file for SSL.
Specifying a global source address for VXLAN tunnels
Specifying a VTEP access port
Command
system-view
ovsdb server pki domain
domain-name
ovsdb server bootstrap
ca-certificate ca-filename
Remarks
N/A
By default, no PKI domain is specified for
SSL.
By default, SSL uses the CA certificate file in
the PKI domain.
If the specified CA certificate file does not
exist, the device obtains a self-signed
certificate from the controller. The obtained
file uses the name specified for the
ca-filename argument.
75

Advertisement

Table of Contents
loading

Related Manuals for HPE FlexFabric 5940 Series

Related Content for HPE FlexFabric 5940 Series

Table of Contents